Firefox 3 and "virus scanning"

20th Jun 2008

Or, "I'm checking it, honest!"

Hmm. A mate noticed this earlier - his MacBook is currently fried so he's temporarily working on his girlfriend's machine with Windows XP (anyone feel his pain?).

On goes the spangly new Firefox 3... sooner or later he notices the new "Scanning for viruses" message which briefly appears at the end of a download.

Hang on a mojo: he has no virus scanner. Come to think of it, I thought, I've noticed this in Firefox 3 recently and neither have I. Yes, this is on my Windows machine - I've not run a virus checker for a long time. Only stupid people get infected. OK, OK, I admit my hard drive back when I worked at Jester once got trashed by some malicious shittery or other, but that was down to my own stupidity.

Anyway, that ends the invitation to send me viruses. So what exactly is Firefox doing with our downloads?

Said mate's first test was to download the EICAR anti-virus test file. These files contain a short, recognizable string of ASCII characters that virus scanners trigger on. Firefox "scanned" the file and reported nothing.

A quick search on the new "feature" resulted in lots of complaints: it's too slow, it times out, it crashes when checking large files, etc. As it turns out, the setting is disable-able. Notice, though, on that page under "Caveats" that "this preference only has an effect if you have antivirus software installed and are running Windows." (There's more information and chat on the MozillaZine forums.)

It turns out Firefox is doing something, but only if a compatible virus checker is installed. So the question is: why is Firefox telling people who might not have virus protection that their files are being checked? Surely it shouldn't assume one is present? Can it tell when there isn't?

Talk about a false sense of security... arf.